Plenty of malware families are driving cybercrime, but the old Agent Tesla uses new tricks to stay on top. The Agent Tesla RAT has become one of the most prevalent malware families, being seen in more attacks than even TrickBot or Emotet and only slightly fewer than Dridex. Learn more about these and other threats in this batch of InfoSec articles.
For more articles, check out our #onpatrol4malware blog.
The Biggest Challenges and Best Practices to Mitigate Risks in Maritime Cybersecurity
Ships are increasingly using systems that rely on digitalization, integration, and automation, which call for cyber risk management on board. Read more.
Emotet is back… and where are we?
Source: Team Cymru
Emotet has a long history of wreaking havoc across public and private sector networks. While Emotet is more than SPAM alone, as the SPAM messages pick back up, so too do the victim tallies. Read more.
Iranian hacker group becomes first known APT to weaponize DNS-over-HTTPS (DoH)
An Iranian hacking group known as Oilrig has become the first publicly known threat actor to incorporate the DNS-over-HTTPS (DoH) protocol in its attacks. Read more.
Playing with GuLoader Anti-VM techniques
Recent research by Check Point suggests that GuLoader's code is almost identical to that of a loader named CloudEye, which is sold “legitimately” as a protection mechanism for binaries. Read more.
The Expanding Extent of the Blackbaud Ransomware Attack
In May 2020, Blackbaud was hit by a ransomware attack, which the company disclosed in July, and several impacted organizations soon started realizing the impact of that breach. Read more.
Hackers Dump 20GB of Intel’s Confidential Data Online
Source: Threat Post
More than 20 gigabytes of proprietary data and source code from chipmaker Intel Corp. was dumped online by a third party, likely the result of a data breach from earlier this year. Read more.
Trade minister hack led to trade secrets leak before U.K. election
Source: SC Media
The hack of a U.K. trade minister’s email account led to the leak of U.S.-U.K. trade documents and perpetuated a disinformation campaign credited with influencing the 2019 U.K. election. Read more.
China targets networks with new Taidoor malware attacks
Source: SC Media
Wielding a new remote access trojan (RAT) dubbed Taidoor, Chinese government-supported hackers are behind a series of cyberespionage campaigns. Read more.
Intel, ARM, IBM, AMD Processors Vulnerable to New Side-Channel Attacks
Source: The Hacker News
The new research explains that microarchitectural attacks were actually caused by speculative dereferencing of user-space registers in the kernel. Read more.
Twitter users urged to update over Android security flaw
Source: BBC News
Millions of Twitter users will be asked to update their Android app after the company found a security flaw. Twitter said the vulnerability could let other malicious apps access private information such as direct messages. Read more.
Agent Tesla | Old RAT Uses New Tricks to Stay on Top
Source: Sentinel LABS
The Agent Tesla RAT has become one of the most prevalent malware families threatening enterprises in the first half of 2020, being seen in more attacks than even TrickBot or Emotet and only slightly fewer than Dridex. Read more.
Color by numbers: inside a Dharma ransomware-as-a-service attack
Part of the reason for Dharma’s longevity is that its variants have become the basis for ransomware-as-a-service (RaaS) operations—the fast-food franchise of cybercrime. Read more.
RedCurl cybercrime group has hacked companies for three years
Named RedCurl, the activities of this new group have been detailed in a 57-page report released today by cyber-security firm Group-IB. Read more.